Cyber risk and advisory programs that identify security gaps and build strategies to address them.
MDR that provides improved detection, 24/7 threat hunting, end-to-end coverage and most of all, complete Response.
Our team delivers the fastest response time in the industry. Threat suppression within just 4 hours of being engaged.
Be protected by the best from Day 1.
24/7 Threat Investigation and Response.
Expert hunting, research and content.
Defend brute force attacks, active intrusions and unauthorized scans.
Safeguard endpoints 24/7 by isolating and remediating threats to prevent lateral spread.
Investigation and enhanced threat detection across multi-cloud or hybrid environments.
Configuration escalations, policy and posture management.
Detects malicious insider behavior leveraging Machine Learning models.
Customer testimonials and case studies.
Stories on cyberattacks, customers, employees, and more.
Cyber incident, analyst, and thought leadership reports.
Demonstrations, seminars and presentations on cybersecurity topics.
Information and solution briefs for our services.
MITRE ATT&CK Framework, Cybersecurity Assessment, SOC Calculator & more
A vulnerability recently exposed in Diffie-Hellman key exchange for TLS is potentially serious. However, it can be mitigated by doing the following on all of your TLS/SSL enabled systems:
Due to the nature of this vulnerability, we do not currently have signatures for detecting an exploit attempt in progress. However, we are actively researching methods of detection that can be rolled out to our sensors.
The mechanics of this exploit require Man-in-the-Middle access to the network between the client and server, which makes the largest potential threat either internal users or outside users accessing an insecure network.
The below post on the Logjam attack outlines the configuration changes needed to generate a unique 2048-bit Diffie-Hellman group on common servers applications and will allow Server Test for HTTPS web servers.
https://weakdh.org/sysadmin.html (Site experiencing heavy load)
eSentire has confirmed that our internal systems and the sensors deployed at client sites are protected against this threat. Current eSentire Continuous Vulnerability Service subscribers will receive in their next monthly report the details of any systems vulnerable to this attack.
How to further protect yourself from these (and other) emerging threats: